From 0bd19b61c8cd07d03b6efffc05f95d5ec427a3d6 Mon Sep 17 00:00:00 2001 From: Tadeusz Struk Date: Tue, 14 Jan 2020 10:55:20 -0800 Subject: [PATCH] esys: fix Esys_StartAuthSession called with optional params For an HMAC session if any of the optional params are ESYS_TR_NONE we need to use the same tpm2_handles TPM2_RH_NULL (0x40000007) as in the prepare call to correctly calculate cpHash and HMAC values for the session. Fixes: #1590 Signed-off-by: Tadeusz Struk --- src/tss2-esys/api/Esys_StartAuthSession.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/src/tss2-esys/api/Esys_StartAuthSession.c b/src/tss2-esys/api/Esys_StartAuthSession.c index 313604a2077c..3ccd842a7572 100644 --- a/src/tss2-esys/api/Esys_StartAuthSession.c +++ b/src/tss2-esys/api/Esys_StartAuthSession.c @@ -260,7 +260,19 @@ Esys_StartAuthSession_Async( iesys_compute_session_value(esysContext->session_tab[2], NULL, NULL); /* Generate the auth values and set them in the SAPI command buffer */ - r = iesys_gen_auths(esysContext, tpmKeyNode, bindNode, NULL, &auths); + + RSRC_NODE_T none; + size_t offset = 0; + none.rsrc.handle = TPM2_RH_NULL; + none.rsrc.rsrcType = IESYSC_WITHOUT_MISC_RSRC; + r = Tss2_MU_TPM2_HANDLE_Marshal(TPM2_RH_NULL, + none.rsrc.name.name, + sizeof(none.rsrc.name.name), + &offset); + return_state_if_error(r, _ESYS_STATE_INIT, "Marshaling TPM handle."); + none.rsrc.name.size = offset; + r = iesys_gen_auths(esysContext, tpmKeyNode ? tpmKeyNode : &none, + bindNode ? bindNode : &none, NULL, &auths); return_state_if_error(r, _ESYS_STATE_INIT, "Error in computation of auth values"); -- 2.27.0